{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-20288", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2024-10-10T19:15:13.251Z", "datePublished": "2025-07-16T16:16:55.622Z", "dateUpdated": "2025-07-18T14:30:15.794Z"}, "containers": {"cna": {"title": "Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV", "name": "cisco-sa-cuis-ssrf-JSuDjeV"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-cuis-ssrf-JSuDjeV", "discovery": "EXTERNAL", "defects": ["CSCwn34672"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Server-Side Request Forgery (SSRF)", "type": "cwe", "cweId": "CWE-918"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Unified Contact Center Express", "versions": [{"version": "10.6(1)", "status": "affected"}, {"version": "10.5(1)SU1", "status": "affected"}, {"version": "10.6(1)SU3", "status": "affected"}, {"version": "12.0(1)", "status": "affected"}, {"version": "10.6(1)SU1", "status": "affected"}, {"version": "11.0(1)SU1", "status": "affected"}, {"version": "11.5(1)SU1", "status": "affected"}, {"version": "10.5(1)", "status": "affected"}, {"version": "11.6(1)", "status": "affected"}, {"version": "11.6(2)", "status": "affected"}, {"version": "12.5(1)", "status": "affected"}, {"version": "12.5(1)SU1", "status": "affected"}, {"version": "12.5(1)SU2", "status": "affected"}, {"version": "12.5(1)SU3", "status": "affected"}, {"version": "12.5(1)_SU03_ES01", "status": "affected"}, {"version": "12.5(1)_SU03_ES02", "status": "affected"}, {"version": "12.5(1)_SU02_ES03", "status": "affected"}, {"version": "12.5(1)_SU02_ES04", "status": "affected"}, {"version": "12.5(1)_SU02_ES02", "status": "affected"}, {"version": "12.5(1)_SU01_ES02", "status": "affected"}, {"version": "12.5(1)_SU01_ES03", "status": "affected"}, {"version": "12.5(1)_SU02_ES01", "status": "affected"}, {"version": "11.6(2)ES07", "status": "affected"}, {"version": "11.6(2)ES08", "status": "affected"}, {"version": "12.5(1)_SU01_ES01", "status": "affected"}, {"version": "12.0(1)ES04", "status": "affected"}, {"version": "12.5(1)ES02", "status": "affected"}, {"version": "12.5(1)ES03", "status": "affected"}, {"version": "11.6(2)ES06", "status": "affected"}, {"version": "12.5(1)ES01", "status": "affected"}, {"version": "12.0(1)ES03", "status": "affected"}, {"version": "12.0(1)ES01", "status": "affected"}, {"version": "11.6(2)ES05", "status": "affected"}, {"version": "12.0(1)ES02", "status": "affected"}, {"version": "11.6(2)ES04", "status": "affected"}, {"version": "11.6(2)ES03", "status": "affected"}, {"version": "11.6(2)ES02", "status": "affected"}, {"version": "11.6(2)ES01", "status": "affected"}, {"version": "10.6(1)SU3ES03", "status": "affected"}, {"version": "11.0(1)SU1ES03", "status": "affected"}, {"version": "10.6(1)SU3ES01", "status": "affected"}, {"version": "10.5(1)SU1ES10", "status": "affected"}, {"version": "11.5(1)SU1ES03", "status": "affected"}, {"version": "11.6(1)ES02", "status": "affected"}, {"version": "11.5(1)ES01", "status": "affected"}, {"version": "10.6(1)SU2", "status": "affected"}, {"version": "10.6(1)SU2ES04", "status": "affected"}, {"version": "11.6(1)ES01", "status": "affected"}, {"version": "10.6(1)SU3ES02", "status": "affected"}, {"version": "11.5(1)SU1ES02", "status": "affected"}, {"version": "11.5(1)SU1ES01", "status": "affected"}, {"version": "11.0(1)SU1ES02", "status": "affected"}, {"version": "12.5(1)_SU03_ES03", "status": "affected"}, {"version": "12.5(1)_SU03_ES04", "status": "affected"}, {"version": "12.5(1)_SU03_ES05", "status": "affected"}, {"version": "12.5(1)_SU03_ES06", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Unified Intelligence Center", "versions": [{"version": "11.6(1)", "status": "affected"}, {"version": "10.5(1)", "status": "affected"}, {"version": "11.0(1)", "status": "affected"}, {"version": "11.5(1)", "status": "affected"}, {"version": "12.0(1)", "status": "affected"}, {"version": "12.5(1)", "status": "affected"}, {"version": "11.0(2)", "status": "affected"}, {"version": "12.6(1)", "status": "affected"}, {"version": "12.5(1)SU", "status": "affected"}, {"version": "12.6(1)_ET", "status": "affected"}, {"version": "12.6(1)_ES05_ET", "status": "affected"}, {"version": "11.0(3)", "status": "affected"}, {"version": "12.6(2)", "status": "affected"}, {"version": "12.6(2)_504_Issue_ET", "status": "affected"}, {"version": "12.6.1_ExcelIssue_ET", "status": "affected"}, {"version": "12.6(2)_Permalink_ET", "status": "affected"}, {"version": "12.6.2_CSCwk19536_ET", "status": "affected"}, {"version": "12.6.2_CSCwm96922_ET", "status": "affected"}, {"version": "12.6.2_Amq_OOS_ET", "status": "affected"}, {"version": "12.5(2)ET_CSCwi79933", "status": "affected"}, {"version": "12.6(2)_ET", "status": "affected"}, {"version": "12.6.2_CSCwn48501_ET", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-07-16T16:16:55.622Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T14:30:07.079145Z", "id": "CVE-2025-20288", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:30:15.794Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-20288", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T14:30:07.079145Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:30:10.637Z"}}], "cna": {"title": "Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability", "source": {"defects": ["CSCwn34672"], "advisory": "cisco-sa-cuis-ssrf-JSuDjeV", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Unified Contact Center Express", "versions": [{"status": "affected", "version": "10.6(1)"}, {"status": "affected", "version": "10.5(1)SU1"}, {"status": "affected", "version": "10.6(1)SU3"}, {"status": "affected", "version": "12.0(1)"}, {"status": "affected", "version": "10.6(1)SU1"}, {"status": "affected", "version": "11.0(1)SU1"}, {"status": "affected", "version": "11.5(1)SU1"}, {"status": "affected", "version": "10.5(1)"}, {"status": "affected", "version": "11.6(1)"}, {"status": "affected", "version": "11.6(2)"}, {"status": "affected", "version": "12.5(1)"}, {"status": "affected", "version": "12.5(1)SU1"}, {"status": "affected", "version": "12.5(1)SU2"}, {"status": "affected", "version": "12.5(1)SU3"}, {"status": "affected", "version": "12.5(1)_SU03_ES01"}, {"status": "affected", "version": "12.5(1)_SU03_ES02"}, {"status": "affected", "version": "12.5(1)_SU02_ES03"}, {"status": "affected", "version": "12.5(1)_SU02_ES04"}, {"status": "affected", "version": "12.5(1)_SU02_ES02"}, {"status": "affected", "version": "12.5(1)_SU01_ES02"}, {"status": "affected", "version": "12.5(1)_SU01_ES03"}, {"status": "affected", "version": "12.5(1)_SU02_ES01"}, {"status": "affected", "version": "11.6(2)ES07"}, {"status": "affected", "version": "11.6(2)ES08"}, {"status": "affected", "version": "12.5(1)_SU01_ES01"}, {"status": "affected", "version": "12.0(1)ES04"}, {"status": "affected", "version": "12.5(1)ES02"}, {"status": "affected", "version": "12.5(1)ES03"}, {"status": "affected", "version": "11.6(2)ES06"}, {"status": "affected", "version": "12.5(1)ES01"}, {"status": "affected", "version": "12.0(1)ES03"}, {"status": "affected", "version": "12.0(1)ES01"}, {"status": "affected", "version": "11.6(2)ES05"}, {"status": "affected", "version": "12.0(1)ES02"}, {"status": "affected", "version": "11.6(2)ES04"}, {"status": "affected", "version": "11.6(2)ES03"}, {"status": "affected", "version": "11.6(2)ES02"}, {"status": "affected", "version": "11.6(2)ES01"}, {"status": "affected", "version": "10.6(1)SU3ES03"}, {"status": "affected", "version": "11.0(1)SU1ES03"}, {"status": "affected", "version": "10.6(1)SU3ES01"}, {"status": "affected", "version": "10.5(1)SU1ES10"}, {"status": "affected", "version": "11.5(1)SU1ES03"}, {"status": "affected", "version": "11.6(1)ES02"}, {"status": "affected", "version": "11.5(1)ES01"}, {"status": "affected", "version": "10.6(1)SU2"}, {"status": "affected", "version": "10.6(1)SU2ES04"}, {"status": "affected", "version": "11.6(1)ES01"}, {"status": "affected", "version": "10.6(1)SU3ES02"}, {"status": "affected", "version": "11.5(1)SU1ES02"}, {"status": "affected", "version": "11.5(1)SU1ES01"}, {"status": "affected", "version": "11.0(1)SU1ES02"}, {"status": "affected", "version": "12.5(1)_SU03_ES03"}, {"status": "affected", "version": "12.5(1)_SU03_ES04"}, {"status": "affected", "version": "12.5(1)_SU03_ES05"}, {"status": "affected", "version": "12.5(1)_SU03_ES06"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Unified Intelligence Center", "versions": [{"status": "affected", "version": "11.6(1)"}, {"status": "affected", "version": "10.5(1)"}, {"status": "affected", "version": "11.0(1)"}, {"status": "affected", "version": "11.5(1)"}, {"status": "affected", "version": "12.0(1)"}, {"status": "affected", "version": "12.5(1)"}, {"status": "affected", "version": "11.0(2)"}, {"status": "affected", "version": "12.6(1)"}, {"status": "affected", "version": "12.5(1)SU"}, {"status": "affected", "version": "12.6(1)_ET"}, {"status": "affected", "version": "12.6(1)_ES05_ET"}, {"status": "affected", "version": "11.0(3)"}, {"status": "affected", "version": "12.6(2)"}, {"status": "affected", "version": "12.6(2)_504_Issue_ET"}, {"status": "affected", "version": "12.6.1_ExcelIssue_ET"}, {"status": "affected", "version": "12.6(2)_Permalink_ET"}, {"status": "affected", "version": "12.6.2_CSCwk19536_ET"}, {"status": "affected", "version": "12.6.2_CSCwm96922_ET"}, {"status": "affected", "version": "12.6.2_Amq_OOS_ET"}, {"status": "affected", "version": "12.5(2)ET_CSCwi79933"}, {"status": "affected", "version": "12.6(2)_ET"}, {"status": "affected", "version": "12.6.2_CSCwn48501_ET"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV", "name": "cisco-sa-cuis-ssrf-JSuDjeV"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-07-16T16:16:55.622Z"}}}, "cveMetadata": {"cveId": "CVE-2025-20288", "state": "PUBLISHED", "dateUpdated": "2025-07-18T14:30:15.794Z", "dateReserved": "2024-10-10T19:15:13.251Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2025-07-16T16:16:55.622Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:10.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5601C191-19B9-4CC3-94E0-AB144A6BD02C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "D92445EF-1107-456D-8F03-44BA2A385383", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "2F4F7BC5-E393-4C85-93ED-8F8DBD81A383", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD658DE5-84D2-4527-AF25-09F31572C184", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "060AFE51-F470-4B14-8D74-8B721129A37E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "7B59061B-ED98-47C6-A8CF-41CA11500AF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "DF881F48-7268-4A06-A72B-FEE1BD58A193", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "84C52246-9E02-434A-8E41-76B21DB3F25C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\)su:*:*:*:*:*:*:*", "matchCriteriaId": "42B2688A-4E07-4EA0-8304-E168FB672202", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "0EAE9043-E488-4FBE-8A60-377F71D5D126", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_es05_et:*:*:*:*:*:*:*", "matchCriteriaId": "45676746-8B75-4095-A4FF-9AC34CF0E72F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_et:*:*:*:*:*:*:*", "matchCriteriaId": "D94589CB-61F9-474F-800A-5387FB4AEF9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0A136173-603C-427A-AC03-76CBB6757C92", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*", "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*", "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*", "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*", "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*", "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*", "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*", "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*", "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*", "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*", "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*", "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*", "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*", "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*", "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*", "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*", "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*", "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*", "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*", "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*", "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*", "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*", "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*", "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*", "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*", "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*", "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*", "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*", "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*", "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*", "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*", "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*", "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*", "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*", "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*", "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*", "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*", "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*", "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*", "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*", "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*", "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*", "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*", "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*", "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*", "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Unified Intelligence Center podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de Server Side Request Forgery (SSRF) a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta para solicitudes HTTP espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante enviar solicitudes de red arbitrarias provenientes del dispositivo afectado."}], "id": "CVE-2025-20288", "lastModified": "2025-07-22T14:40:58.893", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "psirt@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-16T17:15:30.387", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}